Supported Environments in R82.10

Management Servers / Log Servers boot by default with the 64-bit Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. kernel after a clean installation or upgrade to R82.10.

Notes:

If after the upgrade to R82.10 you revert to the previous version, then Gaia OS boots with the 64-bit Gaia kernel, even if in the previous version the Gaia kernel was 32-bit.
For documentation about Check Point Appliances, see sk96246.
Refer to the Support Life Cycle Policy page for more information and announcements.

Management Server and Log Server

Only these platforms support R82.10 in the Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. and Log Server Dedicated Check Point server that runs Check Point software to store and process logs. configurations:

Check Point Product	Smart-1 7000-UL ⁽¹⁾, Smart-1 7000-XL ⁽¹⁾, Smart-1 7000-L ⁽¹⁾, Smart-1 6000-XL ⁽²⁾, Smart-1 6000-L ⁽²⁾	Smart-1 700-M ⁽³⁾, Smart-1 700-S ⁽³⁾, Smart-1 600-M ⁽⁴⁾, Smart-1 600-S ⁽⁴⁾	Open Servers ⁽⁵⁾	Virtual Machines ⁽⁶⁾
Security Management Server, Endpoint Security Management Server	Yes	Yes	Yes	Yes
Log Server	Yes	Yes	Yes	Yes
SmartEvent Server	Yes	Yes	Yes	Yes
Multi-Domain Security Management Server	Yes	No	Yes ⁽⁷⁾	Yes ⁽⁷⁾
Multi-Domain Log Server	Yes	No	Yes ⁽⁷⁾	Yes ⁽⁷⁾

For information about Smart-1 7000-UL, Smart-1 7000-XL, and Smart-1 7000-L, see sk182601.
For information about Smart-1 6000-L and Smart-1 6000-XL, see sk171903.
For information about Smart-1 700-M and Smart-1 700-S, see sk182601.
For information about Smart-1 600-S and Smart-1 600-M, see sk171903.
For certified Open Servers, see the Hardware Compatibility List > Tab Open Servers. For known limitations, see sk168335.
"Virtual Machines" apply to Public Cloud and to Private Cloud.

See the Hardware Compatibility List > Tab Virtual Machines. For known limitations, see sk168335.
Requires a license to manage a minimum of 25 Security Gateways.
Each of these Smart-1 appliance models, Open Servers, and Virtual Machines can run any combination of these products:
- Management Server and Log Server on the same server.
- Management Server and SmartEvent Server Dedicated Check Point server with the enabled SmartEvent Software Blade that hosts the events database. on the same server.
- Log Server and SmartEvent Server on the same server.
- Management Server and Log Server and SmartEvent Server on the same server.

Management High Availability:

You can configure Check Point Management High Availability Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA. between on-premises Management Servers and Management Servers in a cloud.

You must make sure the required Check Point traffic can flow between the on-premises servers and the servers in the cloud.

For Management High Availability restrictions, see sk39345.

Security Gateway or Cluster

Only these platforms support R82.10 in the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources., Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing., or ElasticXL configuration:

Platforms	SK	Security Gateway, Cluster ⁽³⁾	ElasticXL Cluster ⁽⁴⁾
MLS200, MLS400	sk176466	Yes	Yes
QLS250, QLS450, QLS650, QLS800	sk176466	Yes	Yes
29100, 29200	sk180520	Yes	Yes
28000, 28600HS	sk152733	Yes	Yes
26000, 26000T	sk152733	Yes	Yes
19100, 19200	sk180520	Yes	Yes
16000, 16200, 16600HS, 16600T	sk152733	Yes	Yes
9100, 9200, 9300, 9400, 9700, 9800	sk181698	Yes	Yes
7000	sk139932	Yes	Yes
6200, 6400, 6600, 6700, 6900	sk139932	Yes	Yes
3920, 3950, 3970, 3980	sk183199	Yes	Yes
3600, 3800	sk110052	Yes	No
Open Servers ⁽¹⁾	N / A	Yes	No
Virtual Machines ⁽²⁾	N / A	Yes	Yes

For certified Open Servers, see the Hardware Compatibility List > Tab Open Servers. For known limitations, see sk168335.
"Virtual Machines" apply to Public Cloud and to Private Cloud.

See the Hardware Compatibility List > Tab Virtual Machines. For known limitations, see sk168335.
"Cluster" refers to ClusterXL (Active-Active, High Availability, Load Sharing) and VRRP Cluster on Gaia OS.
For ElasticXL requirements, see sk183513.

Standalone and Full High Availability

Only these platforms support R82.10 in the Standalone Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. (Gateway + Management Server) configuration or in the Full High Availability Cluster configuration:

Platforms	SK	Standalone, Full HA
9100, 9200, 9300, 9400, 9700, 9800	sk181698	Yes
7000	sk139932	Yes
6200, 6400, 6600, 6700, 6900	sk139932	Yes
3600, 3800	sk110052	Yes
Open Servers ⁽¹⁾	N / A	Yes
Virtual Machines ⁽²⁾	N / A	Yes

For certified Open Servers, see the Hardware Compatibility List > Tab Open Servers. For known limitations, see sk168335.
"Virtual Machines" apply to Public Cloud and to Private Cloud.

See the Hardware Compatibility List > Tab Virtual Machines. For known limitations, see sk168335.
It is not supported to enable the SmartEvent Software Blade Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. on any Management Server in the Full High Availability Cluster configuration.

VSNext and Traditional VSX

This table shows the support for VSNext and Traditional VSX Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. in R82.10:

Platforms	VSNext	Traditional VSX
ElasticXL Cluster	Yes ⁽³⁾	No
Security Group - Maestro	Yes ⁽⁴⁾	Yes ⁽⁵⁾
Open Servers ⁽¹⁾	No	Yes
Virtual Machines ⁽²⁾	Yes ^(3)(6)(7)	Yes ⁽⁷⁾

For certified Open Servers, see the Hardware Compatibility List > Tab Open Servers. For known limitations, see sk168335.
"Virtual Machines" apply to Private Cloud and Public Cloud.

See the Hardware Compatibility List > Tab Virtual Machines. For known limitations, see sk168335.
The Gaia Operating System must be after a clean install, or restored to factory defaults.

In the First Time Configuration Wizard, you must select ElasticXL and Install as VSNext.

Converting to VSNext after the First Time Configuration Wizard is not supported.
Create a new Maestro Security Group A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. and in the First Time Wizard settings section, select Install as VSNext / VSX.

Converting an existing Maestro Security Group to VSNext is not supported.

Maestro Orchestrator See "Maestro Orchestrator". that runs the R82.10 version, automatically configures these modes:
- VSNext mode in a Maestro Security Group that runs the R82.10 version.
  
  For each Virtual Gateway you configure in this Maestro Security Group, in SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. you configure a regular Security Gateway object.
- Traditional VSX mode in a Maestro Security Group that runs the version R81.20 or lower.
  
  In SmartConsole, you configure a VSX Gateway Physical server that hosts VSX virtual networks, including all Virtual Devices that provide the functionality of physical network devices. It holds at least one Virtual System, which is called VS0. object and the required Virtual System Virtual Device on a VSX Gateway or VSX Cluster Member that implements the functionality of a Security Gateway. Acronym: VS. / Virtual Switch Virtual Device on a VSX Gateway or VSX Cluster Member that functions as a physical switch. Acronym: VSW. objects.
To configure a Maestro Security Group that runs the R82.10 version in the Traditional VSX mode:
1. Create a new Maestro Security Group and in the First Time Wizard settings section, do not select Install as VSNext / VSX.
2. In SmartConsole, configure a VSX Gateway object and the required Virtual System / Virtual Switch objects.
To install ElasticXL Cluster on Virtual Machines, see the requirements in sk183513.
VSNext and Traditional VSX modes are not supported in Public Cloud.

Threat Emulation Appliances

R82.10 does not support Threat Emulation Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE. Appliances.

Quantum Maestro

Quantum Maestro Orchestrator A scalable Network Security System that connects multiple Check Point Security Appliances into a unified system. Synonyms: Orchestrator, Quantum Maestro Orchestrator, Maestro Hyperscale Orchestrator. Acronym: MHO. models MHO-140, MHO-170, and MHO-175 fully support the R82.10 release. See sk183506.

For the list of supported Maestro Security Group versions, see Quantum Maestro Orchestrator and Security Group Versions.

For the list of supported Security Appliances in a Maestro Security Group, see sk162373.

Virtualization Platforms

For the most up-to-date information about the supported Linux versions and virtualization platforms, see the Hardware Compatibility List > Tab Virtual Machines.

Cloud Platforms

Supported setups for cloud solutions:

Amazon Web Services:
- Security Gateway
- Single Zone High Availability Cluster
- Cross Availability Zone Cluster (Cross AZ Cluster)
- Security Gateway Auto Scaling Group
- Gateway Load Balancer Virtual Machine Scale Sets
- Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server.
- Multi-Domain Security Management Server
- Standalone
Microsoft Azure:
- Security Gateway
- High Availability Cluster
- Virtual Machine Scale Sets
- Security Management Server
- Multi-Domain Security Management Server
- Standalone
- Virtual WAN
Google Cloud Platform (GCP):
- Security Gateway
- High Availability Cluster
- Managed Instance Group (MIG)
- Network Security Integration (NSI)
- Security Management Server
- Multi-Domain Security Management Server
- Standalone
Oracle Cloud Infrastructure (OCI):
- Security Gateway
- High Availability Cluster
- Security Management Server
- Multi-Domain Security Management Server
- Standalone
Huawei Cloud:
- Security Gateway
- High Availability Cluster
- Security Management Server
- Standalone
Tencent Cloud:
- Security Gateway
- High Availability Cluster
- Security Management Server
- Standalone